I have an ASP.NET MVC page, which calls WCF logic.

The system is single sign-on using NTLM. Both the ASP page and the WCF will use the UserIdentity to get user login information.

Other than NTLM, I will also have a Form based authorization (with AD) in the same system.

For the ASP page, it is simple and I can get it from HttpContext.Current.Request.LogonUserIdentity.

However, it seems it is missing from the WCF, which is called by the ASP page, not from the browser.

How do I configure it to pass the ID from the ASP page to the WCF?

A: 

It sounds to me like you need to perform 'Impersonation' of the original user which will allow you to pass on the original caller's identity to the WCF service.

See this guide: Impersonation and Delegation in WCF

Although you have configured ASP.NET to authenticate your callers via NTLM, the worker process is still running with a machine identity (depending on your configuration in IIS). You would need to explicitly impersonate the caller by having the process adopt the caller's identity, perhaps just temporarily.

UPDATE: see also Delegation - WCF Gotcha #2

If you want to avoid impersonation, another option is to use the IdentityModel and a WindowsClaimSet.

rohancragg
I've thought about impersonation, but I don't really need it. Everything should run from a safe system account, and what I need is the person's SID. I am starting to think of passing it via a parameter.
Dennis Cheung
If you look at the code sample in my second link you only need to impersonate for the duration of a using block. But I take your point. However, I would not pass it as a parameter unless you plan on encrypting the data. I do think you need to use Delegation. See the additional link in the updated answer text.
rohancragg
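
The approach discussed in this thread, impersonating only for the duration of a `using` block so the service can read the caller's SID from the authenticated security context instead of a parameter, is sketched below as an added example (not code from the answer or its linked articles). `IWhoAmI`, `WhoAmIService` and the `net.tcp` address are hypothetical, and the console program stands in for the ASP.NET page by using `WindowsIdentity.GetCurrent()` where the page would use `HttpContext.Current.Request.LogonUserIdentity`.

```csharp
using System;
using System.Security.Principal;
using System.ServiceModel;

[ServiceContract]
public interface IWhoAmI            // hypothetical contract
{
    [OperationContract]
    string GetCallerSid();
}

public class WhoAmIService : IWhoAmI
{
    public string GetCallerSid()
    {
        // Identity authenticated by the transport, not a value the caller typed in.
        WindowsIdentity caller = ServiceSecurityContext.Current.WindowsIdentity;
        return caller.User.Value;
    }
}

public static class Program
{
    public static void Main()
    {
        var address = new Uri("net.tcp://localhost:9000/whoami"); // constructed address
        var binding = new NetTcpBinding(SecurityMode.Transport);
        binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Windows;

        using (var host = new ServiceHost(typeof(WhoAmIService)))
        {
            host.AddServiceEndpoint(typeof(IWhoAmI), binding, address);
            host.Open();

            var factory = new ChannelFactory<IWhoAmI>(binding, new EndpointAddress(address));
            // Identification: the service may read the SID but cannot act as the caller.
            factory.Credentials.Windows.AllowedImpersonationLevel =
                TokenImpersonationLevel.Identification;

            // In the ASP.NET page: HttpContext.Current.Request.LogonUserIdentity
            WindowsIdentity user = WindowsIdentity.GetCurrent();
            using (user.Impersonate())   // reverted when the block exits
            {
                IWhoAmI proxy = factory.CreateChannel();
                Console.WriteLine(proxy.GetCallerSid());
                ((IClientChannel)proxy).Close();
            }
            factory.Close();
        }
    }
}
```

This works when the page and the service are on the same machine; an NTLM-authenticated token cannot be forwarded to a second machine, which is the case the delegation link in the answer addresses.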